laravel-safeguard

Quick Start

Install via Composer:

composer require abdian/laravel-safeguard

Use in your validation:

use Illuminate\Http\Request;

public function upload(Request $request)
{
    $request->validate([
        'file' => 'required|safeguard',
    ]);

    // File is safe to process
}

Why Laravel Safeguard?

Traditional file validation only checks extensions and client-provided MIME types - both can be easily faked. Laravel Safeguard validates files based on their actual binary content and scans for hidden threats.

What it protects against:

• ✅ File Type Spoofing - Detects real file type via magic bytes
• ✅ PHP Code Injection - Scans for malicious PHP code in uploads
• ✅ XSS Attacks - Detects script tags and event handlers in SVG
• ✅ Metadata Exploits - Scans image EXIF for hidden code
• ✅ PDF Malware - Detects JavaScript and dangerous actions
• ✅ Executable Files - Auto-blocks .exe, scripts, and binaries

Trusted By Developers

// Images only with security
'avatar' => ['required', (new Safeguard())
    ->imagesOnly()
    ->maxDimensions(1920, 1080)
    ->blockGps()
    ->stripMetadata()
],

// PDFs with restrictions
'document' => ['required', (new Safeguard())
    ->pdfsOnly()
    ->maxPages(50)
    ->blockJavaScript()
],

Laravel 10, 11, and 12 Compatible

Works seamlessly with Laravel 10.x, 11.x, and 12.x - no breaking changes, just security.

This site is open source. Improve this page.